#encoding:UTF-8
class ComsController < ApplicationController
  load_and_authorize_resource
  # GET /coms
  # GET /coms.xml

  #1.保证管理员可以找到所有用户信息，
  #2.也可以根据用户id查找，还可以根据用户名查找，
  #3.个人只可以看到自己的公司信息，
  def index
    if session[:user].isAdmin? && params[:id] == nil && params[:username] == nil
      @coms = Com.all
    elsif session[:user].isAdmin? && params[:id] != nil 
      @coms = Com.find_all_by_user_id(params[:id])  
    elsif session[:user].isAdmin? && params[:username] != nil 
      user = User.find_by_username(params[:username])
      if user  != nil 
       @coms.find_all_by_user_id(user.id) 
      else
       @coms = Array.new
      end

     elsif session[:user].isVip? || session[:user].isTrial?
      @coms = Com.find_all_by_user_id(session[:user].id)  
    end

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @coms }
    end
  end

  # GET /coms/1
  # GET /coms/1.xml
  def show
    @com = Com.find(params[:id])

    respond_to do |format|
      format.html  # show.html.erb
      format.xml  { render :xml => @com }
    end
  end

  def getImage
    @com = Com.find(params[:id])    
    send_data(@com.headimg,:type => "application/jpeg",:disposition => 'inline')
  end


  # GET /coms/new
  # GET /coms/new.xml
  def new
    @com = Com.new
    if session[:user].isAdmin?
      flash[:error] = "你是管理员，不能为用户创建公司信息！，不过可以更改，要更改请移步：/coms/：id/edit页面"
      respond_to do |format|
        format.html {redirect_to coms_url} # new.html.erb
        format.xml  { render :xml => @com }
      end
    elsif Com.find_by_user_id(session[:user].id) != nil
      flash[:error] = "你已经创建来一个公司，不能再执行此操作！"
      respond_to do |format|
        format.html {redirect_to coms_url} # new.html.erb
        format.xml  { render :xml => @com }
      end

    else
      respond_to do |format|
        format.html # new.html.erb
        format.xml  { render :xml => @com }
      end
    end
  end

  # GET /coms/1/edit
  def edit
    @com = Com.find(params[:id])
  end

  # POST /coms
  # POST /coms.xml
  #本action在用户登录之后创建和完善自己公司的信息
  #   =1.检查是否登录
  #   =2.是管理员还是普通用户 决定userid
  #   =3.model 检测数据类型
  #   =4.将用户填写的数据注入 数据库
  #   =5.入库
  def create
    @com = Com.new(params[:com])
    if session[:user] != nil
      if session[:user].isAdmin?
        flash[:error] = "你是管理员，不能为用户创建公司信息！，不过可以更改，要更改请移步：/coms/：id/edit页面"
        return
      else 
        @com.user_id = session[:user].id
        respond_to do |format|
          if @com.save
            format.html { redirect_to(@com, :notice => 'Com was successfully created.') }
            format.xml  { render :xml => @com, :status => :created, :location => @com }
          else
            format.html { render :action => "new" }
            format.xml  { render :xml => @com.errors, :status => :unprocessable_entity }
          end
        end
      end
    end
  end

  # PUT /coms/1
  # PUT /coms/1.xml
  #保证管理员修改用户的公司信息时，公司信息中的user——id 信息不会被改为 管理员的id，
  def update
    @com = Com.find(params[:id])
#    if session[:user].isAdmin?
#      @com.update_attribute(:user_id,params[:com][:user_id])
#    end
    respond_to do |format|
      if @com.update_attributes(params[:com])
        flash[:notice] = "修改成功！"
        format.html { redirect_to(@com) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @com.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /coms/1
  # DELETE /coms/1.xml
  def destroy
    @com = Com.find(params[:id])
    @com.destroy

    respond_to do |format|
      format.html { redirect_to(coms_url) }
      format.xml  { head :ok }
    end
  end
  
  def pigrules
    
  
  end

  def headimage
    

  end



end
